Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/473366-702d-473f-bfbe-882c448e2ef6/1/NvaR_rOGldsYiZdoT_ugo6qWJeA.roa
File: NvaR_rOGldsYiZdoT_ugo6qWJeA.roa (raw, json)
Hash identifier: c/j6WIhsGMhycCSfgVq9XEnoMlbnzerq1+BD40dCLE0=
Subject key identifier: 36:F6:91:FE:B3:86:95:DB:18:89:97:68:4F:FB:A0:A3:AA:96:25:E0
Certificate issuer: /CN=a8dff01f56e3419d027be7591ceef62851ce0f6b
Certificate serial: 02A97610
Authority key identifier: A8:DF:F0:1F:56:E3:41:9D:02:7B:E7:59:1C:EE:F6:28:51:CE:0F:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qN_wH1bjQZ0Ce-dZHO72KFHOD2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/473366-702d-473f-bfbe-882c448e2ef6/1/NvaR_rOGldsYiZdoT_ugo6qWJeA.roa
Signing time: Sat 01 Jan 2022 16:02:41 +0000
ROA not before: Sat 01 Jan 2022 16:02:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51956
IP address blocks: 185.201.174.160/29 maxlen: 29
185.201.174.184/29 maxlen: 29
185.201.174.176/29 maxlen: 29
185.201.174.240/29 maxlen: 29
185.201.172.0/22 maxlen: 22
185.201.174.224/28 maxlen: 28
185.201.174.192/28 maxlen: 28
185.201.174.64/26 maxlen: 26
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44660240 (0x2a97610)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8dff01f56e3419d027be7591ceef62851ce0f6b
Validity
Not Before: Jan 1 16:02:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=36f691feb38695db188997684ffba0a3aa9625e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:69:78:c3:5a:11:ec:4d:fa:65:a4:61:ca:7a:
1e:33:5a:45:22:3b:f6:64:0a:6f:06:00:1a:94:31:
91:78:0e:2d:bd:71:d9:f9:e7:11:b0:2a:4b:8f:34:
b6:9c:ce:2c:92:3b:6c:27:ba:8c:66:6b:56:e5:83:
8c:44:34:d6:eb:39:88:c8:11:4b:13:85:67:e6:ba:
52:0d:3f:fc:79:3a:0c:43:ca:57:1f:d5:fa:21:95:
b6:cc:16:a1:d1:1c:ca:26:5d:dd:23:eb:7b:94:44:
d4:a2:ff:6e:16:d4:39:24:a9:47:9e:5e:0a:2b:a3:
8b:26:96:1f:43:b7:e2:a8:b4:38:29:c9:c3:02:92:
59:8f:96:2d:f2:f9:5a:d4:ad:71:ef:ce:a2:85:ec:
08:19:c1:fe:2b:8b:fd:a5:2b:b9:c3:7a:b4:8e:62:
48:09:f9:71:31:e2:51:3f:ed:bb:c0:4b:31:da:6c:
75:41:e2:f3:0b:63:47:7c:46:58:4e:20:f3:8f:c6:
1b:5c:6f:b0:1e:5e:64:71:d1:97:f0:4f:1d:02:29:
4b:7e:99:bf:46:4c:34:25:54:40:27:8d:d8:a8:50:
cf:cd:52:a0:0e:cf:8d:93:80:6a:7a:f8:4f:10:f6:
8b:31:43:17:ac:3b:d2:c1:d9:b6:33:d3:51:ab:02:
18:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:F6:91:FE:B3:86:95:DB:18:89:97:68:4F:FB:A0:A3:AA:96:25:E0
X509v3 Authority Key Identifier:
keyid:A8:DF:F0:1F:56:E3:41:9D:02:7B:E7:59:1C:EE:F6:28:51:CE:0F:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qN_wH1bjQZ0Ce-dZHO72KFHOD2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/473366-702d-473f-bfbe-882c448e2ef6/1/NvaR_rOGldsYiZdoT_ugo6qWJeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/473366-702d-473f-bfbe-882c448e2ef6/1/qN_wH1bjQZ0Ce-dZHO72KFHOD2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.172.0/22
Signature Algorithm: sha256WithRSAEncryption
20:fb:1f:39:21:72:4e:40:80:a4:aa:8f:bf:71:36:e3:b1:90:
b2:ec:f2:5e:49:d6:38:f4:ef:82:7e:2f:79:1c:c6:6e:ed:36:
35:ef:ec:4c:cc:dd:31:5c:eb:10:d6:41:3b:1c:2f:f6:34:d4:
5f:22:cb:fd:9a:18:08:5b:1b:f6:d9:8a:08:96:5a:cd:70:93:
43:26:18:fe:a7:f3:72:af:9c:c1:b2:36:bc:a6:cd:1d:b0:3a:
8e:62:33:4f:b5:03:35:af:33:22:8f:54:29:42:cc:b1:94:ce:
ef:d8:43:ee:54:01:8b:e8:d4:c6:11:0e:4f:bb:4b:46:b2:2e:
97:f7:1b:ea:10:f4:87:20:db:bb:b5:21:f0:ed:d0:3a:bd:93:
f6:e3:3f:d2:b4:97:fa:92:ab:83:6d:57:c3:0c:fe:92:44:ee:
88:db:c0:1a:18:12:35:5c:ad:6d:c6:ae:98:bd:c4:7c:f5:13:
4b:15:36:5b:9c:bf:34:e9:b3:fe:fc:b4:4a:46:0f:23:f6:bd:
23:cb:96:b6:50:07:00:f1:fe:26:a5:3a:08:b1:c8:ce:b4:bb:
1f:32:7b:30:fa:aa:3b:db:de:0f:d1:b5:09:0f:bd:af:2e:87:
eb:d4:38:ae:00:a4:ea:d8:9f:25:3b:e5:44:f0:0b:48:4b:a3:
88:c2:5c:93
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAql2EDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
OGRmZjAxZjU2ZTM0MTlkMDI3YmU3NTkxY2VlZjYyODUxY2UwZjZiMB4XDTIyMDEw
MTE2MDI0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzZmNjkxZmViMzg2
OTVkYjE4ODk5NzY4NGZmYmEwYTNhYTk2MjVlMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKhpeMNaEexN+mWkYcp6HjNaRSI79mQKbwYAGpQxkXgOLb1x
2fnnEbAqS480tpzOLJI7bCe6jGZrVuWDjEQ01us5iMgRSxOFZ+a6Ug0//Hk6DEPK
Vx/V+iGVtswWodEcyiZd3SPre5RE1KL/bhbUOSSpR55eCiujiyaWH0O34qi0OCnJ
wwKSWY+WLfL5WtStce/OooXsCBnB/iuL/aUrucN6tI5iSAn5cTHiUT/tu8BLMdps
dUHi8wtjR3xGWE4g84/GG1xvsB5eZHHRl/BPHQIpS36Zv0ZMNCVUQCeN2KhQz81S
oA7PjZOAanr4TxD2izFDF6w70sHZtjPTUasCGC8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ29pH+s4aV2xiJl2hP+6CjqpYl4DAfBgNVHSMEGDAWgBSo3/AfVuNBnQJ7
51kc7vYoUc4PazAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FOX3dIMWJqUVowQ2UtZFpITzcyS0ZIT0Qycy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTkvNDczMzY2LTcwMmQtNDczZi1iZmJlLTg4MmM0NDhlMmVmNi8x
L052YVJfck9HbGRzWWlaZG9UX3VnbzZxV0plQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTkv
NDczMzY2LTcwMmQtNDczZi1iZmJlLTg4MmM0NDhlMmVmNi8xL3FOX3dIMWJqUVow
Q2UtZFpITzcyS0ZIT0Qycy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnJrDANBgkqhkiG9w0BAQsFAAOC
AQEAIPsfOSFyTkCApKqPv3E247GQsuzyXknWOPTvgn4veRzGbu02Ne/sTMzdMVzr
ENZBOxwv9jTUXyLL/ZoYCFsb9tmKCJZazXCTQyYY/qfzcq+cwbI2vKbNHbA6jmIz
T7UDNa8zIo9UKULMsZTO79hD7lQBi+jUxhEOT7tLRrIul/cb6hD0hyDbu7Uh8O3Q
Or2T9uM/0rSX+pKrg21Xwwz+kkTuiNvAGhgSNVytbcaumL3EfPUTSxU2W5y/NOmz
/vy0SkYPI/a9I8uWtlAHAPH+JqU6CLHIzrS7HzJ7MPqqO9veD9G1CQ+9ry6H69Q4
rgCk6tifJTvlRPALSEujiMJckw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:25 2025 by rpki-client